this time *really* fix the /../ check ...

author Bodo Möller <bodo@openssl.org>

Fri, 30 Mar 2001 14:55:19 +0000 (14:55 +0000)

committer Bodo Möller <bodo@openssl.org>

Fri, 30 Mar 2001 14:55:19 +0000 (14:55 +0000)
author Bodo Möller <bodo@openssl.org>
Fri, 30 Mar 2001 14:55:19 +0000 (14:55 +0000)
committer Bodo Möller <bodo@openssl.org>
Fri, 30 Mar 2001 14:55:19 +0000 (14:55 +0000)
diff --git a/apps/s_server.c b/apps/s_server.c

index 2e61799fde7b826e3c1bc6398f56bc64ade1634e..97e477bde2a5ed8aef110c9bee023e3451ca4871 100644 (file)
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1361,9 +1361,6 @@ static int www_body(char *hostname, int s, unsigned char *context)
  
                                 switch (dot)
                                         {
-                               case 0:
-                                       dot = (e[0] == '/') ? 1 : 0;
-                                       break;
                                 case 1:
                                         dot = (e[0] == '.') ? 2 : 0;
                                         break;
@@ -1374,6 +1371,8 @@ static int www_body(char *hostname, int s, unsigned char *context)
                                         dot = (e[0] == '/') ? -1 : 0;
                                         break;
                                         }
+                               if (dot == 0)
+                                       dot = (e[0] == '/') ? 1 : 0;
                                 }
                         dot = (dot == 3) || (dot == -1); /* filename contains ".." component */
author	Bodo Möller <bodo@openssl.org>
	Fri, 30 Mar 2001 14:55:19 +0000 (14:55 +0000)
committer	Bodo Möller <bodo@openssl.org>
	Fri, 30 Mar 2001 14:55:19 +0000 (14:55 +0000)